fastlane match is a fastlane action that solves the 'how do I share signing certificates and provisioning profiles across the team' problem by writing them, encrypted with a shared passphrase, into a private git repository. Every developer and every CI job clones the repo, decrypts the bundle, imports it into a local keychain, and uses it to sign. It is the de-facto standard for iOS CI signing.
What it stores
- Apple Distribution and Apple Development certificates (the .cer plus an exported .p12 with the private key).
- Provisioning profiles for App Store, Ad Hoc, and Development.
- All encrypted with OpenSSL using a single passphrase that everyone on the team has to know.
Common commands
bash
# First-time setup fastlane match init fastlane match appstore fastlane match development # CI pulls in read-only mode fastlane match appstore --readonly # Recreate everything from scratch fastlane match nuke distribution fastlane match appstore
Where it starts to hurt
- One shared passphrase: every onboarding has to receive it; offboarding requires nuking and re-encrypting the entire repo.
- match nuke is destructive and revokes every certificate it manages, breaking unrelated builds in flight.
- Apple's three-certificate cap is easy to hit because match creates a new one on every nuke or full reset.
- Profiles and entitlements drift between Xcode-managed and match-managed states.
- Rotation is manual and error-prone, especially for teams that own multiple App IDs or Team IDs.
When match is still the right answer
- Small teams (1-3 developers) with a single App ID and no need for audit trails.
- Existing fastlane-heavy pipelines where adding a new tool is more cost than fixing match's rough edges.
- Side projects and indie apps where the encrypted git repo is the simplest possible shared store.